Markus Lorch writes (09:51 January 20, 2005):
Hi all,
the SAML AuthZ Service document in section 6.1 requires us to use the Web Services Security X.509 Certificate Token Profile to encode certificate paths. I have been keeping my eyes open for an implementation of this standard for the last few months with no success.
This isn't technically correct as the encoding of the certificate chain is a SHOULD not a MUST. I just checked with Rachana and GT does not include the SubjectConfirmation element, so no help there.
Do any of you know of an implementation or are working on one? (e.g. for the delegation service?) Do you have other implementations/ standards to encode certificate paths via XML?
Btw, the reference to this standard in the document needs updating, the standard was finalized in the Spring of 2004, it is no longer a draft. - There is an old "Editor's note" in section 6.1.2 SubjectConfirmation Element from Von that can also be taken out. Maybe this can be fixed before its submitted to the editor (otherwise I'll repost in public comment)
Thanks. I don't think it has been submitted yet, I've made these corrections in my latest version in any case. Von
Thanks
Markus
---------------------------------------------------------------- Markus Lorch Department of Computer Science Phone: +1 540 231 5914 Virginia Tech, m/c 106 Fax: +1 540 231 6075 Blacksburg, VA 24061, U.S.A. http://people.cs.vt.edu/~mlorch